Ataccama
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a legitimate Ataccama integration, but it gives the agent broad authenticated API control through Membrane without clear limits or write-action confirmation.
Install only if you trust Membrane and need agent access to Ataccama. Use a least-privileged account, review the global CLI install, and require explicit approval before the agent performs any write, delete, workflow execution, or raw proxy request.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent action could modify, delete, or trigger changes in Ataccama data, records, or workflows.
The skill exposes a raw authenticated API escape hatch, including mutating and deleting methods, without clear scoping or confirmation requirements in the provided instructions.
When the available actions don't cover your use case, you can send requests directly to the Ataccama API through Membrane's proxy... HTTP method (GET, POST, PUT, PATCH, DELETE).
Use least-privileged Ataccama access, prefer read-only/discovered actions where possible, and require explicit user confirmation before any POST, PUT, PATCH, DELETE, or workflow-execution request.
Using the skill may grant access to sensitive Ataccama resources under the connected account's permissions.
The integration requires delegated account authentication and credential refresh. This is expected for Ataccama access, but it gives the agent access through an authenticated Membrane connection.
Membrane handles authentication and credentials refresh automatically... membrane login --tenant --clientName=<agentType>
Connect only a trusted Membrane tenant and a least-privileged Ataccama account, and know how to revoke the connection if it is no longer needed.
The local environment will run whatever version npm resolves for the Membrane CLI at install time.
The skill asks for a global npm CLI install using the moving latest tag. This is central to the stated Membrane workflow, but it is still an unpinned external dependency.
npm install -g @membranehq/cli@latest
Install from a trusted npm source, consider pinning a reviewed version, and verify the package before using it with sensitive accounts.
Remote connection guidance could influence what the agent does next during setup.
The skill tells the agent to consume programmatic instructions returned by the external connection setup flow. That may be useful, but such returned instructions should not override the user's intent or safety checks.
clientAction.agentInstructions (optional) — instructions for the AI agent on how to proceed programmatically.
Treat returned agent instructions as untrusted guidance, and confirm any sensitive, mutating, or unexpected action with the user.
Ataccama data and API operations may be exposed to the Membrane integration path, depending on the provider's handling and logging.
Ataccama API requests are routed through Membrane as a gateway/proxy that applies authentication. This is disclosed and purpose-aligned, but it means sensitive requests and responses may pass through the Membrane service.
send requests directly to the Ataccama API through Membrane's proxy... injects the correct authentication headers
Review Membrane's privacy/security posture and avoid sending highly sensitive data unless the organization has approved that data flow.